Hi there,
I have an ASA Box as my Gateway to the Internet here. It serves the internal Net 192.168.1.0/24. Also I have an ISR 871 connected to the ASA (on inside lan) which have a PATed 192.168.1.1/24 Net behind. On the ISR I have configured a DDNS Client in order to get my DYNDNS account updated. The DDNS Client uses the PATed WAN Interface which is connected to the ASA. Unfortunately the WAN Interface IP on the ISR (192.168.1.254) is updated at DYNDNS although there will be another PATing of outbound traffic in the ASA. So why is the internal address used rather than outside address of my ASA Box?
Any thoughts? Thanks!
I have attached the config of my ISR here:
! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname C871 ! boot-start-marker boot-end-marker ! logging message-counter syslog enable secret enable password ! aaa new-model ! ! aaa authentication login default local ! aaa session-id common ! dot11 syslog ! dot11 ssid shampoo vlan 1 authentication open authentication key-management wpa wpa-psk ascii ! no ip source-route ! ip dhcp excluded-address 192.168.0.250 192.168.0.254 ! ip dhcp pool C871 network 192.168.0.0 255.255.255.0 default-router 192.168.0.254 dns-server 208.67.222.222 208.67.220.220 ! ip cef ip name-server 208.67.222.222 ip name-server 208.67.220.220 ip name-server 213.168.112.60 ip ddns update method dyndns HTTP add http://xxx: snipped-for-privacy@members.dyndns.org/nic/update?system=dyndns&hostname=yandy.homeip.net&myip= interval maximum 0 12 0 0 interval minimum 0 12 0 0 ! no ipv6 cef ntp server 192.53.103.108 ! multilink bundle-name authenticated !
username root privilege 15 secret !
archive log config hidekeys ! bridge irb ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 description TO_ASA_5505 ip ddns update hostname yandy.homeip.net ip ddns update dyndns ip address 192.168.1.254 255.255.255.0 ip nat outside ip virtual-reassembly duplex auto speed auto ! interface Dot11Radio0 no ip address no ip redirects no ip unreachables no ip proxy-arp ip flow ingress ! encryption mode ciphers aes-ccm ! encryption vlan 1 mode ciphers aes-ccm ! ssid shampoo ! speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 station-role root ! interface Dot11Radio0.1 encapsulation dot1Q 1 native ip flow ingress no cdp enable bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Vlan1 no ip address bridge-group 1 ! interface BVI1 ip address 192.168.0.254 255.255.255.0 ip nat inside ip virtual-reassembly ! ip default-gateway 192.168.0.254 ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 192.168.1.1 no ip http server no ip http secure-server ! ip dns server ip nat inside source list 10 interface FastEthernet4 overload ! access-list 10 permit 192.168.0.0 0.0.0.255 ! control-plane ! bridge 1 protocol ieee bridge 1 route ip ! line con 0 password no modem enable speed 115200 line aux 0 line vty 0 4 password ! scheduler max-task-time 5000 end